[HttpKernel] Correctly Render Signed URIs Containing Fragments
Rebuild the URL with the computed hash instead of appending it onto the end of the URI, preventing incorrect formatting when dealing with URIs containing fragments.
parent
44e9a91f30
commit
b9ece6bde7
@ -72,7 +72,7 @@ class EsiFragmentRendererTest extends TestCase
|
||||
$altReference = new ControllerReference('alt_controller', array(), array());
|
||||
|
||||
$this->assertEquals(
|
||||
'<esi:include src="/_fragment?_path=_format%3Dhtml%26_locale%3Dfr%26_controller%3Dmain_controller&_hash=Jz1P8NErmhKTeI6onI1EdAXTB85359MY3RIk5mSJ60w%3D" alt="/_fragment?_path=_format%3Dhtml%26_locale%3Dfr%26_controller%3Dalt_controller&_hash=iPJEdRoUpGrM1ztqByiorpfMPtiW%2FOWwdH1DBUXHhEc%3D" />',
|
||||
'<esi:include src="/_fragment?_hash=Jz1P8NErmhKTeI6onI1EdAXTB85359MY3RIk5mSJ60w%3D&_path=_format%3Dhtml%26_locale%3Dfr%26_controller%3Dmain_controller" alt="/_fragment?_hash=iPJEdRoUpGrM1ztqByiorpfMPtiW%2FOWwdH1DBUXHhEc%3D&_path=_format%3Dhtml%26_locale%3Dfr%26_controller%3Dalt_controller" />',
|
||||
$strategy->render($reference, $request, array('alt' => $altReference))->getContent()
|
||||
);
|
||||
}
|
||||
|
@ -32,7 +32,7 @@ class HIncludeFragmentRendererTest extends TestCase
|
||||
{
|
||||
$strategy = new HIncludeFragmentRenderer(null, new UriSigner('foo'));
|
||||
|
||||
$this->assertEquals('<hx:include src="/_fragment?_path=_format%3Dhtml%26_locale%3Den%26_controller%3Dmain_controller&_hash=BP%2BOzCD5MRUI%2BHJpgPDOmoju00FnzLhP3TGcSHbbBLs%3D"></hx:include>', $strategy->render(new ControllerReference('main_controller', array(), array()), Request::create('/'))->getContent());
|
||||
$this->assertEquals('<hx:include src="/_fragment?_hash=BP%2BOzCD5MRUI%2BHJpgPDOmoju00FnzLhP3TGcSHbbBLs%3D&_path=_format%3Dhtml%26_locale%3Den%26_controller%3Dmain_controller"></hx:include>', $strategy->render(new ControllerReference('main_controller', array(), array()), Request::create('/'))->getContent());
|
||||
}
|
||||
|
||||
public function testRenderWithUri()
|
||||
|
@ -51,7 +51,7 @@ class SsiFragmentRendererTest extends TestCase
|
||||
$altReference = new ControllerReference('alt_controller', array(), array());
|
||||
|
||||
$this->assertEquals(
|
||||
'<!--#include virtual="/_fragment?_path=_format%3Dhtml%26_locale%3Dfr%26_controller%3Dmain_controller&_hash=Jz1P8NErmhKTeI6onI1EdAXTB85359MY3RIk5mSJ60w%3D" -->',
|
||||
'<!--#include virtual="/_fragment?_hash=Jz1P8NErmhKTeI6onI1EdAXTB85359MY3RIk5mSJ60w%3D&_path=_format%3Dhtml%26_locale%3Dfr%26_controller%3Dmain_controller" -->',
|
||||
$strategy->render($reference, $request, array('alt' => $altReference))->getContent()
|
||||
);
|
||||
}
|
||||
|
@ -21,7 +21,8 @@ class UriSignerTest extends TestCase
|
||||
$signer = new UriSigner('foobar');
|
||||
|
||||
$this->assertContains('?_hash=', $signer->sign('http://example.com/foo'));
|
||||
$this->assertContains('&_hash=', $signer->sign('http://example.com/foo?foo=bar'));
|
||||
$this->assertContains('?_hash=', $signer->sign('http://example.com/foo?foo=bar'));
|
||||
$this->assertContains('&foo=', $signer->sign('http://example.com/foo?foo=bar'));
|
||||
}
|
||||
|
||||
public function testCheck()
|
||||
@ -45,7 +46,7 @@ class UriSignerTest extends TestCase
|
||||
$signer = new UriSigner('foobar');
|
||||
|
||||
$this->assertSame(
|
||||
'http://example.com/foo?baz=bay&foo=bar&_hash=rIOcC%2FF3DoEGo%2FvnESjSp7uU9zA9S%2F%2BOLhxgMexoPUM%3D',
|
||||
'http://example.com/foo?_hash=rIOcC%2FF3DoEGo%2FvnESjSp7uU9zA9S%2F%2BOLhxgMexoPUM%3D&baz=bay&foo=bar',
|
||||
$signer->sign('http://example.com/foo?foo=bar&baz=bay')
|
||||
);
|
||||
$this->assertTrue($signer->check($signer->sign('http://example.com/foo?foo=bar&baz=bay')));
|
||||
@ -61,4 +62,15 @@ class UriSignerTest extends TestCase
|
||||
);
|
||||
$this->assertTrue($signer->check($signer->sign('http://example.com/foo?foo=bar&baz=bay')));
|
||||
}
|
||||
|
||||
public function testSignerWorksWithFragments()
|
||||
{
|
||||
$signer = new UriSigner('foobar');
|
||||
|
||||
$this->assertSame(
|
||||
'http://example.com/foo?_hash=EhpAUyEobiM3QTrKxoLOtQq5IsWyWedoXDPqIjzNj5o%3D&bar=foo&foo=bar#foobar',
|
||||
$signer->sign('http://example.com/foo?bar=foo&foo=bar#foobar')
|
||||
);
|
||||
$this->assertTrue($signer->check($signer->sign('http://example.com/foo?bar=foo&foo=bar#foobar')));
|
||||
}
|
||||
}
|
||||
|
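Review bot: testSignerWorksWithFragments only round-trips the signed string, fragment included, through check(), but a client never sends `#foobar` to the server, so the URI seen at verification time will not contain it. If buildUrl() keeps the fragment in the string handed to computeHash() (its body is not visible on this page), the signature passes here and would be rejected for the real request. I would add an assertion that pins the intended behaviour for the fragment-less form, e.g. `$this->assertTrue($signer->check(str_replace('#foobar', '', $signer->sign('http://example.com/foo?bar=foo&foo=bar#foobar'))));`. If the fragment is deliberately covered by the hash, use the `assertFalse` counterpart with a comment saying so.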
@ -51,8 +51,9 @@ class UriSigner
|
||||
}
|
||||
|
||||
$uri = $this->buildUrl($url, $params);
|
||||
$params[$this->parameter] = $this->computeHash($uri);
|
||||
|
||||
return $uri.(false === strpos($uri, '?') ? '?' : '&').$this->parameter.'='.$this->computeHash($uri);
|
||||
return $this->buildUrl($url, $params);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -75,7 +76,7 @@ class UriSigner
|
||||
return false;
|
||||
}
|
||||
|
||||
$hash = urlencode($params[$this->parameter]);
|
||||
$hash = $params[$this->parameter];
|
||||
unset($params[$this->parameter]);
|
||||
|
||||
return $this->computeHash($this->buildUrl($url, $params)) === $hash;
|
||||
@ -83,7 +84,7 @@ class UriSigner
|
||||
|
||||
private function computeHash($uri)
|
||||
{
|
||||
return urlencode(base64_encode(hash_hmac('sha256', $uri, $this->secret, true)));
|
||||
return base64_encode(hash_hmac('sha256', $uri, $this->secret, true));
|
||||
}
|
||||
|
||||
private function buildUrl(array $url, array $params = array())
|
||||
|
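Review bot: The last line of check(), `return $this->computeHash($this->buildUrl($url, $params)) === $hash;`, compares an HMAC with `===`, which is not a constant-time comparison and can leak how many leading bytes of a guessed signature match. Since this commit already changes how `$hash` is read on the line above, I would switch to `return hash_equals($this->computeHash($this->buildUrl($url, $params)), $hash);`. `$hash` is presumably taken from the parsed query string (the parsing is above this hunk), so a request sending `_hash[]=` would make it an array; guard it first with `if (!is_string($hash)) { return false; }`. hash_equals() needs PHP 5.6 or a polyfill, so check it against the minimum version this branch supports.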